Sophos Modem



Overview

The Sophos SG Series appliances are designed to provide the optimal balance between performance and protection – for diverse IT environments. Whether you need a solution for a small remote office, want to protect your school campus, or are a global organization requiring high-availability and enterprise-grade features, our SG Series appliances are an ideal fit.

With your Sophos ID. You can adjust the network settings of the device’s interfaces by clicking “Basic Setup” so that the device can connect to the Internet. After clicking “Register Device”, you are redirected to the Sophos.com. If you already have a Sophos ID, enter your login credentials under “Sign in with your Sophos.

Thanks for choosing Sophos. Yes, our Free Home Use XG Firewall is a fully equipped software version of the Sophos XG firewall. Hence, it supports UTMS/dongles. We do not have a list of compatible USB modems, but mostly all of them are supported.
Sachin Gurung, Team Lead, Sophos Technical Support.

Optional VDSL Modem: Optional SFP Modem (not yet supported)

Physical Specifications:

  • Dimensions: 225 x 44 x 150 (w.h.d) mm, 8.86 x 1.73 x 5.91 (w.h.d) inches
  • Weight: 0.9 kg/1.8 kg (1.98 lbs/3.97 lbs) Unpacked/Packed

  • This article describes the steps to access the command interface of the Sophos XG firewall device using a console cable.

Prepare

  • A console cable with an RJ45 connector on one end and a VGA connector on the other.
  • Install the PuTTY software on the computer.

Installation Instructions

  • First, attach the RJ45 end of the console cable to the COM port on the Sophos XG firewall device.
  • Attach the other end, the VGA connector, to the VGA port on the computer (if the computer does not have a VGA port, use an adapter cable that converts from VGA to USB or HDMI).
  • Then right-click This PC and select Manage.

  • The Computer Management panel opens. Click Device Manager, then click the “>” icon to the left of Ports (COM & LPT) to expand the list and see the name of the connected serial port.
  • Next, start PuTTY. For Connection type select Serial; in the Serial line box enter the name of the serial port seen above (COM3 in this example); and in the Speed box enter 38400, which is the default.
  • Click Open to connect, enter the firewall’s password and press Enter to log into the Command interface of the firewall.

YOU MAY ALSO BE INTERESTED IN

A fortnight into 2020 and we have the first security flaw considered important enough to be given its own name: Cable Haunt – complete with eye-catching logo.

First discovered by Danish company Lyrebirds some time ago, Cable Haunt is an unusual flaw which in Europe alone is said to affect up to 200 million cable modems based on the Broadcom platform.

Specifically, the flaw is in a normally hidden software layer called the spectrum analyser (SA) used by Internet Service Providers (ISPs) to troubleshoot a subscriber’s connection quality.

According to Lyrebirds, this analyser has several problems starting with the basic problem that the WebSocket interface used to control the tool from a web browser is unsecured.

Because parameters sent via this are not restricted by the modem, it accepts JavaScript running in the browser – which gives attackers a way in as long as they can reach the browser (although not in Firefox, apparently).

Using HTTPS instead of an exposed WebSocket would have dodged that bullet by implementing Cross-Origin Resource Sharing (CORS) security.
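WebSocket handshakes are not covered by the browser's same-origin checks, so an endpoint like the one described above has to vet the handshake itself. The following is an added example, not code from Lyrebirds, Broadcom or the original article, of a server-side check that refuses upgrade requests from foreign pages; the address `192.168.100.1`, the `/diag` path and all function names are assumptions chosen for illustration.

```python
# Constructed values: the one page origin and the Host names that this
# hypothetical modem diagnostics endpoint should ever be addressed by.
ALLOWED_ORIGINS = {"https://192.168.100.1"}
ALLOWED_HOSTS = {"192.168.100.1", "192.168.100.1:443"}


def parse_headers(raw_request):
    """Return the request headers as a dict with lower-cased names."""
    headers = {}
    for line in raw_request.split("\r\n")[1:]:
        if not line:          # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers


def vet_handshake(raw_request):
    """Return (HTTP status, reason) for a WebSocket upgrade request."""
    headers = parse_headers(raw_request)
    if headers.get("upgrade", "").lower() != "websocket":
        return 400, "not a WebSocket upgrade"
    # An unknown Host means the browser reached the device through a name
    # someone else controls, as happens with DNS rebinding.
    if headers.get("host", "").lower() not in ALLOWED_HOSTS:
        return 403, "unexpected Host"
    # Browsers attach Origin to every WebSocket handshake and page script
    # cannot override it, so a missing or foreign value is refused.
    origin = headers.get("origin")
    if origin is None:
        return 403, "missing Origin"
    if origin.lower() not in ALLOWED_ORIGINS:
        return 403, "foreign Origin"
    return 101, "switching protocols"


def sample_request(host, origin=None):
    """Build a constructed upgrade request for the demonstration."""
    lines = ["GET /diag HTTP/1.1", f"Host: {host}",
             "Upgrade: websocket", "Connection: Upgrade",
             "Sec-WebSocket-Version: 13"]
    if origin is not None:
        lines.append(f"Origin: {origin}")
    return "\r\n".join(lines) + "\r\n\r\n"


if __name__ == "__main__":
    print(vet_handshake(sample_request("192.168.100.1", "https://192.168.100.1")))
    print(vet_handshake(sample_request("192.168.100.1", "https://news.example")))
    print(vet_handshake(sample_request("rebind.example", "https://rebind.example")))
    print(vet_handshake(sample_request("192.168.100.1")))
```

An Origin check only stops requests that arrive through a browser; a management interface still needs authentication for clients that set their own headers.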

What might an attacker do?

  • Change default DNS server
  • Conduct remote man-in-the-middle attacks
  • Hot-swap code or even the entire firmware
  • Upload, flash, and upgrade firmware silently
  • Disable ISP firmware upgrade
  • Change every config file and settings
  • Get and Set SNMP OID values
  • Change all associated MAC Addresses
  • Change serial numbers
  • Be exploited in a botnet.

Identified as CVE-2019-19494 (a second CVE, CVE-2019-19495, relates to the vulnerability on the Technicolor TC7230 modem), it’s clear from that list that this is a flaw users should not ignore.

Haunted

The researchers offer what looks like a valid reason for giving the issue a name – the desire to grab attention to a flaw they hint that some modem makers and ISPs have been ignoring since the company reported it to them in early 2019. The risk:

At this rate it would eventually leak out of our hands and into organizations with time and resources to take advantage of the vulnerability.

Lyrebirds thinks it knows why things have been moving so slowly too:

We are a small unknown crew with no reputation and could therefore not establish connection with any manufacturers directly, even though we tried.

What to do

The vulnerability affects cable modems using Broadcom’s reference software as part of their firmware, so the first thing is to work out whether your broadband connection is served using that technology combination (ones advertised as being fibre or ADSL are not affected).

Beyond that, because modem makers integrate the firmware for Broadcom modems to suit their own needs, the degree to which specific models using the software are affected is hard to predict.

The researchers list several models and firmware versions known to be at risk from Sagemcom, Technicolor, Netgear, and Compal, but they caution that this isn’t exhaustive.

The researchers have also made available a test script that more technical users can use to work out whether a modem is vulnerable. It’s not a guarantee, however – even if it comes up negative, a modem might still be vulnerable, they caution.

The first piece of good news is that because cable modems are remotely managed, ISPs will apply a fix automatically when it becomes available.

The second piece of good news is that there’s no evidence attackers have exploited the flaw – yet.

When your ISP gets around to applying the fix will be up to them. Some might have quietly done so already but expect others to take longer. If the researchers couldn’t get modem makers and ISPs to talk to them, customers may not get much further.